Professor Lam is a Professor of Computer Science at the Nanyang Technological University (NTU), Singapore. He has been a Professor of the Tsinghua University, PR China (2002-2010) and a faculty member of the National University of Singapore and the University of London since 1990. He was a visiting scientist at the Isaac Newton Institute of the Cambridge University and a visiting professor at the European Institute for Systems Security. In 1998, he received the Singapore Foundation Award from the Japanese Chamber of Commerce and Industry in recognition of his R&D achievement in Information Security in Singapore. Prof Lam received his B.Sc. (First Class Honours) from the University of London in 1987 and his Ph.D. from the University of Cambridge in 1990. His research interests include Distributed Systems, IoT Security Infrastructure, Distributed Authentication, Biometric Cryptography, Homeland Security and Cybersecurity.

As the cybersecurity industry continues to mature, a number of key threads are becoming clear. Individual companies cannot succeed alone; there is no single technology panacea for cybersecurity problems, Nations are starved of talent, and cyber threats are increasingly driven by geopolitics and local context.

In the last year, BAE Systems has been partnering NTU on joint cyber security research. The ambition is simple. Understand Singapore-specific cyber threats, research innovative local solutions to problems, identify and create local talent, and ultimately grow Singapore’s cyber ecosystem.

Boye Vanell, BAE Systems Regional Director for Asia, will discuss how working with academia helps stimulate a business, identify new talent, and help develop industry. Following this, Professor Kwok Yan Lam, Principal Investigator for the joint research program at NTU, will provide the latest findings from the ongoing research.

Lavi Lazarovitz

Cyber Research Lead

CyberArk

Date: 21 September 2017

Time: 1630 - 1710 hrs

Venue: MR 310-311, Level 3

Biography

Lavi leads a team of security researchers who do, think, write and code cyber security.

Working alongside his dedicated team, he studies the methods and tactics employed by hackers to penetrate and exploit organizational networks and is responsible for devising effective detection and mitigation techniques to thwart cyber attacks.

Prior to his current experience at CyberArk, Lavi led a professional services team of web security engineers at Fireblade and served in the Israeli Air Force for 11 years as a pilot and as an intelligence officer.

The recent leaks of numerous tools and techniques used by the NSA (National Security Agency) and CIA (Central Intelligence Agency) and recent cyber-espionage campaigns proved, once again, how deep APT (Advanced Persistent Threat) groups can access and control information.

Espionage campaigns require low-profile penetration and lateral movement methods to remain undetected for long periods of time. This time is used to track and collect sensitive information from the compromised network about the organization or its users. Such campaigns, also require the use of persistency techniques to resist defensive operations. In this session, we will review techniques used by APT groups to both move and persist within the network whilst remaining undetected. We will also introduce and demonstrate two new techniques (Shadow Admins – ACL manipulation and Kerberos Delegation) that might be used in the next espionage campaign.

David Leach

Asia Pacific Chief Information Security Officer

J.P. Morgan

Date: 20 September 2017

Time: 1450 – 1520 hrs

Venue: MR 304, Level 3

Biography

Mr Leach is the Asia Pacific Chief Information Security Officer of J. P. Morgan,
responsible for driving the Cyber Security strategy across the firm’s businesses in
the Asia Pacific region. David serves on the Asia Pacific Technology Operating Committee.

Prior to joining J. P. Morgan in May 2012, David has held various IT risk and security
management roles at ANZ Bank, Standard Chartered Bank, and Dresdner Kleinwort Benson.

Email and web attacks are the most common methods used by cybercriminals to attack and destabilize your operations – and they are becoming increasingly sophisticated. With the cyber-threat environment continuing to evolve, this session will examine the innovative control measures that can be implemented in your organization to minimize the risk of a cyber-attack.

Walter Lee

Evangelist & Government Relations Leader, Global Safety Division

NEC Corporation

Date: 21 September 2017

Time: 1320 – 1400 hrs

Venue: MR 324, Level 3

Biography

Walter Lee is the Evangelist for Global Safety Solutions at NEC. He leads a team to evangelise, envision and enable new test-beds with government agencies and corporations globally. He was the Head of Innovation Management Office, Global Safety Division of NEC where he led various strategic PoCs and spearheaded a solutioning roadmap.

Prior to joining NEC, he held senior management appointments in various industries and global organisations.

He was the CEO of the e-Cop Group, Senior Vice-President at the Agency for Science Technology and Research, Head/Vice President at IDC Consulting Asia-Pacific, member of the Worldwide Consulting Management Board, and Head/Vice-President of E-Commerce at the SIA Group, and Member of the Founding Committee of Zuji.Com.

He has a MBA, B.Eng, and Graduate Diploma in Marketing Management through scholarships from Chartered Industries of Singapore Technologies and Hewlett-Packard. He also has a Graduate Diploma in Research and attended the Non-Profit Management Executive Programme at the Lee Kuan Yew School of Public Policy.

Connected and smart city resulting from the Internet of Things brings the promise of a brighter future where the citizenry can live in enhanced comfort and convenience.

However, the Internet as it is today is not just the World-Wide Web, it has become the Wild Wild West. Just as train robbers were rampant and wars were fought during the 19th and 20th centuries with the introduction of trains, the same is true now for the WWW. Will the WWW remain as the Wild Wild West, or will it truly bring with it immense Wealth and Well-being to the World? What are the trends, the threats, and the opportunities?

Dr Woo Lip Lim

Vice President, Data Analytics & Cyber Security

StarHub Limited

Date: 19 September 2017

Time: 1650 - 1730 hrs

Venue: MR 310-311, Level 3

Biography

Dr Lim Woo Lip joined StarHub in November 2013 as Vice President of SmartHub, StarHub’s analytics arm. StarHub is Singapore fully-integrated info-communications and media entertainment service provider. In this role, he leads the development of the analytics and cyber security capabilities in StarHub. He is also responsible for establishing strategic partnerships with government agencies, institutes of higher learning and commercial companies for collaborations in the analytics and cyber security domains.

Dr Lim is a member of the Republic Polytechnic’s School of Infocomm Advisory Committee. He was also conferred the Singapore Computer Society IT Leader Professional of The Year Award in 2017 in recognition of his contributions to the Singapore Infocomm Technologies (ICT) and Media Community.

There has been an unprecedented growth in the frequency, complexity and severity of cyber-attacks in recent years. Increased connectivity and proliferation of IoTs have resulted in growing number of connected devices and amount of data generated, creating further challenges in cyber defence. Singapore’s transformation into a Smart Nation will benefit individuals and businesses, but also increases our exposure to cyber threats which require a robust nationwide cyber defence. Telcos serve as “gateways” to the internet where network traffic flow in and out of Singapore. Hence, the Telcos play a unique and important role in national cyber defence.

In this session, Dr Lim Woo Lip, will explain how big data analytics and machine learning can be applied to the massive amount of network data passing through a Telco's infrastructure for cyber threat intelligence and threat landscape visibility across different sectors e.g. utilities, transportation, banking and consumer networks.

Victor Lo

Head of Information Security

Malaysia Digital Economy Corporation (MDEC)

Date: 20 September 2017

Time: 1450 – 1520 hrs

Venue: Auditorium, Hall 406, Level 4

Biography

Victor Lo is an experienced professional more than (18) years of information security and risk consulting experience in both enterprise information security solution and specialize on threat intelligence framework.

Over the years, he has served businesses Across the region of the Asia South countries such as India, Turkey, Thailand, Vietnam, Philippines, Indonesia, Malaysia, and Singapore.
Experience dealing with vertical industry primarily in South East Asia market and including Fortune 500 companies.

Victor currently attach with MDEC heading the information security industry development. His key role will be driving security as catalyst for digital transformation for the nation and promote collaboration among security industry vendors and innovation for security ecosystem.

In the era of the digital economy leading the country future. Cybersecurity has been identified as one of the key enabler for digital transformation which empowering the society, businesses and industry to collaborate and embrace for improving the country productivity.

The session will enable knowledge sharing on strategic intervention program in raising the bar of cybersecurity ecosystem via sustainable model of adoption, innovation, building recommend practice and talent development capability.

Ian Loe

Director, Government Cybersecurity Operations

Government Technology Agency of Singapore

Date: 20 September 2017

Time: 1420 – 1450 hrs

Venue: MR 304, Level 3

Biography

Ian has more than 20 years of experience in the IT industry with wide industry experience spanning public sector to financial services. He has deep knowledge in both infrastructure and application security with deep expertise in governance and security technologies.
Today Ian is responsible for the management of cybersecurity operations for the whole of government in Singapore, which includes the monitoring and response to cybersecurity incidents.

Track

Perspective and Insights from End-User

Presentation Title

Humans Are Still the Weakest Link

Abstract

In the technology heavy world of cybersecurity, humans are still the weakest link. Even with the best defensive technologies in place or even with Internet separation, there is still a large threat from social engineering like phishing attacks. This presentation aims to share some of these threats faced by GovTech and some of the measures we have put in place to better improve our security posture.
In this presentation, topics covered will include:

Technologies we have put in place to reduce threats.

Education materials we have developed to make users more aware.

Process improvement that have been made to incident response and investigation.

Lessons learnt from various incidents and how we use it to improve our defences.